[sr-dev] [kamailio/kamailio] Kamailio not using SNI in incoming requests (#1938)
maheshb2487
notifications at github.com
Thu Dec 19 13:15:37 CET 2019
Hi,
My Setup : client1 -> kamailio server 1 ( IP : 10.211.160.172) ----> kamailio server 2( IP : 10.211.160.176) -> client2
I have a scenario where kamailio server 1 has to initiate an outgoing tls connection to kamailio server 2, i have set the server_name and server_id in the client profile in tls.cfg like below on kamailio server 1
[client:default]
verify_certificate = no
require_certificate = no
server_name = mahesh.client.com
[client:10.211.160.172:5061]
method = TLSv1+
verify_certificate = yes
require_certificate = yes
private_key = /root/mahesh_openssl/profile2/btip_172_server_private.key
certificate = /root/mahesh_openssl/profile2/btip_172_server_public.crt
ca_list = /root/mahesh_openssl/profile2/btip_ca_public.crt
cipher_list = RSA
verify_depth = 9
server_name = btip.176.com
server_id = btip.176.com
And in sar.cfg
$xavp(tls=>server_name)="btip.176.com";
$xavp(tls=>server_id)="btip.176.com";
$du = "sip:10.211.160.176:5061;transport=tls";
....
t_relay();
What i observe is that , when client hello is sent by 10.211.160.172 to 10.211.160.176, i dont see Extension server_name being sent. Am i missing anything. Please help !
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/1938#issuecomment-567465707
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-dev/attachments/20191219/629bdb4f/attachment.html>
More information about the sr-dev
mailing list